@pulumi/aws/lambda/codeSigningConfig.js

A Pulumi package for creating and managing Amazon Web Services (AWS) cloud resources.

"use strict";
// *** WARNING: this file was generated by pulumi-language-nodejs. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
Object.defineProperty(exports, "__esModule", { value: true });
exports.CodeSigningConfig = void 0;
const pulumi = require("@pulumi/pulumi");
const utilities = require("../utilities");
/**
 * Manages an AWS Lambda Code Signing Config. Use this resource to define allowed signing profiles and code-signing validation policies for Lambda functions to ensure code integrity and authenticity.
 *
 * For information about Lambda code signing configurations and how to use them, see [configuring code signing for Lambda functions](https://docs.aws.amazon.com/lambda/latest/dg/configuration-codesigning.html).
 *
 * ## Example Usage
 *
 * ### Basic Usage
 *
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as aws from "@pulumi/aws";
 *
 * // Create signing profiles for different environments
 * const prod = new aws.signer.SigningProfile("prod", {
 *     platformId: "AWSLambda-SHA384-ECDSA",
 *     namePrefix: "prod_lambda_",
 *     tags: {
 *         Environment: "production",
 *     },
 * });
 * const dev = new aws.signer.SigningProfile("dev", {
 *     platformId: "AWSLambda-SHA384-ECDSA",
 *     namePrefix: "dev_lambda_",
 *     tags: {
 *         Environment: "development",
 *     },
 * });
 * // Code signing configuration with enforcement
 * const example = new aws.lambda.CodeSigningConfig("example", {
 *     description: "Code signing configuration for Lambda functions",
 *     allowedPublishers: {
 *         signingProfileVersionArns: [
 *             prod.versionArn,
 *             dev.versionArn,
 *         ],
 *     },
 *     policies: {
 *         untrustedArtifactOnDeployment: "Enforce",
 *     },
 *     tags: {
 *         Environment: "production",
 *         Purpose: "code-signing",
 *     },
 * });
 * ```
 *
 * ### Warning Only Configuration
 *
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as aws from "@pulumi/aws";
 *
 * const example = new aws.lambda.CodeSigningConfig("example", {
 *     description: "Development code signing configuration",
 *     allowedPublishers: {
 *         signingProfileVersionArns: [dev.versionArn],
 *     },
 *     policies: {
 *         untrustedArtifactOnDeployment: "Warn",
 *     },
 *     tags: {
 *         Environment: "development",
 *         Purpose: "code-signing",
 *     },
 * });
 * ```
 *
 * ### Multiple Environment Configuration
 *
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as aws from "@pulumi/aws";
 *
 * // Production signing configuration
 * const prod = new aws.lambda.CodeSigningConfig("prod", {
 *     description: "Production code signing configuration with strict enforcement",
 *     allowedPublishers: {
 *         signingProfileVersionArns: [prodAwsSignerSigningProfile.versionArn],
 *     },
 *     policies: {
 *         untrustedArtifactOnDeployment: "Enforce",
 *     },
 *     tags: {
 *         Environment: "production",
 *         Security: "strict",
 *     },
 * });
 * // Development signing configuration
 * const dev = new aws.lambda.CodeSigningConfig("dev", {
 *     description: "Development code signing configuration with warnings",
 *     allowedPublishers: {
 *         signingProfileVersionArns: [
 *             devAwsSignerSigningProfile.versionArn,
 *             test.versionArn,
 *         ],
 *     },
 *     policies: {
 *         untrustedArtifactOnDeployment: "Warn",
 *     },
 *     tags: {
 *         Environment: "development",
 *         Security: "flexible",
 *     },
 * });
 * ```
 *
 * ## Import
 *
 * For backwards compatibility, the following legacy `pulumi import` command is also supported:
 *
 * ```sh
 * $ pulumi import aws:lambda/codeSigningConfig:CodeSigningConfig example arn:aws:lambda:us-west-2:123456789012:code-signing-config:csc-0f6c334abcdea4d8b
 * ```
 */
class CodeSigningConfig extends pulumi.CustomResource {
    /**
     * Get an existing CodeSigningConfig resource's state with the given name, ID, and optional extra
     * properties used to qualify the lookup.
     *
     * @param name The _unique_ name of the resulting resource.
     * @param id The _unique_ provider ID of the resource to lookup.
     * @param state Any extra arguments used during the lookup.
     * @param opts Optional settings to control the behavior of the CustomResource.
     */
    static get(name, id, state, opts) {
        return new CodeSigningConfig(name, state, Object.assign(Object.assign({}, opts), { id: id }));
    }
    /**
     * Returns true if the given object is an instance of CodeSigningConfig.  This is designed to work even
     * when multiple copies of the Pulumi SDK have been loaded into the same process.
     */
    static isInstance(obj) {
        if (obj === undefined || obj === null) {
            return false;
        }
        return obj['__pulumiType'] === CodeSigningConfig.__pulumiType;
    }
    constructor(name, argsOrState, opts) {
        let resourceInputs = {};
        opts = opts || {};
        if (opts.id) {
            const state = argsOrState;
            resourceInputs["allowedPublishers"] = state ? state.allowedPublishers : undefined;
            resourceInputs["arn"] = state ? state.arn : undefined;
            resourceInputs["configId"] = state ? state.configId : undefined;
            resourceInputs["description"] = state ? state.description : undefined;
            resourceInputs["lastModified"] = state ? state.lastModified : undefined;
            resourceInputs["policies"] = state ? state.policies : undefined;
            resourceInputs["region"] = state ? state.region : undefined;
            resourceInputs["tags"] = state ? state.tags : undefined;
            resourceInputs["tagsAll"] = state ? state.tagsAll : undefined;
        }
        else {
            const args = argsOrState;
            if ((!args || args.allowedPublishers === undefined) && !opts.urn) {
                throw new Error("Missing required property 'allowedPublishers'");
            }
            resourceInputs["allowedPublishers"] = args ? args.allowedPublishers : undefined;
            resourceInputs["description"] = args ? args.description : undefined;
            resourceInputs["policies"] = args ? args.policies : undefined;
            resourceInputs["region"] = args ? args.region : undefined;
            resourceInputs["tags"] = args ? args.tags : undefined;
            resourceInputs["arn"] = undefined /*out*/;
            resourceInputs["configId"] = undefined /*out*/;
            resourceInputs["lastModified"] = undefined /*out*/;
            resourceInputs["tagsAll"] = undefined /*out*/;
        }
        opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts);
        super(CodeSigningConfig.__pulumiType, name, resourceInputs, opts);
    }
}
exports.CodeSigningConfig = CodeSigningConfig;
/** @internal */
CodeSigningConfig.__pulumiType = 'aws:lambda/codeSigningConfig:CodeSigningConfig';
//# sourceMappingURL=codeSigningConfig.js.map